//
//  HttpManager.m
//  PilotSeries
//
//  Created by 黄立强 on 16/6/29.
//  Copyright © 2016年 leon.huang. All rights reserved.
//

#import "HttpManager.h"

@implementation HttpManager

+ (AFSecurityPolicy*)customSecurityPolicy
{
    // /先导入证书
    NSString *cerPath;
    if ([PAAppContext sharedInstance].envType == PAEnvironmentTypeProduct) {
        cerPath = [[NSBundle mainBundle] pathForResource:@"IDEA_Authentication_Authority_PROD" ofType:@"cer"];
    }else if ([PAAppContext sharedInstance].envType == PAEnvironmentTypeQA){
        cerPath = [[NSBundle mainBundle] pathForResource:@"IDEA_Authentication_Authority_INT" ofType:@"cer"];
    }else if ([PAAppContext sharedInstance].envType == PAEnvironmentTypeDev){
        cerPath = [[NSBundle mainBundle] pathForResource:@"AuthnServiceSSLCertificate_DEV" ofType:@"cer"];
    }
    NSData *certData = [NSData dataWithContentsOfFile:cerPath];
    
    // AFSSLPinningModeCertificate 使用证书验证模式
    AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
    
    // allowInvalidCertificates 是否允许无效证书（也就是自建的证书），默认为NO
    // 如果是需要验证自建证书，需要设置为YES
    securityPolicy.allowInvalidCertificates = YES;
    
    //validatesDomainName 是否需要验证域名，默认为YES；
    //假如证书的域名与你请求的域名不一致，需把该项设置为NO；如设成NO的话，即服务器使用其他可信任机构颁发的证书，也可以建立连接，这个非常危险，建议打开。
    //置为NO，主要用于这种情况：客户端请求的是子域名，而证书上的是另外一个域名。因为SSL证书上的域名是独立的，假如证书上注册的域名是www.google.com，那么mail.google.com是无法验证通过的；当然，有钱可以注册通配符的域名*.google.com，但这个还是比较贵的。
    //如置为NO，建议自己添加对应域名的校验逻辑。
    securityPolicy.validatesDomainName = NO;
    
    securityPolicy.pinnedCertificates = [[NSSet alloc] initWithObjects:certData, nil];
    
    return securityPolicy;
}


+(AFHTTPSessionManager *) sslManager{
    
    AFHTTPSessionManager *manager = [[AFHTTPSessionManager manager ] initWithBaseURL:[NSURL URLWithString:@"https://authnservice.bootstrapservices.idea-dev2.pilotcloud.paic.com.cn:10081"]];
    
    manager.responseSerializer = [AFHTTPResponseSerializer serializer];
    
    manager.requestSerializer = [AFJSONRequestSerializer serializer];
    manager.responseSerializer = [AFJSONResponseSerializer serializer];
    
    [manager.requestSerializer willChangeValueForKey:@"timeoutInterval"];
    manager.requestSerializer.timeoutInterval = 10.f;
    [manager.requestSerializer didChangeValueForKey:@"timeoutInterval"];
    
    manager.responseSerializer.acceptableContentTypes = [NSSet setWithObjects:@"application/json", @"text/json", @"text/javascript",@"text/html",@"text/plain", nil];
    AFSecurityPolicy *securityPolicy = [self customSecurityPolicy];
    [manager setSecurityPolicy:securityPolicy];
    manager.securityPolicy.allowInvalidCertificates = YES;
    securityPolicy.validatesDomainName = NO;
    return  manager;
}

    +(AFHTTPSessionManager *) sslManagerwithBaseUrl:(NSString *) baseUrl{
        
        AFHTTPSessionManager *manager = [[AFHTTPSessionManager manager ] initWithBaseURL:[NSURL URLWithString:baseUrl]];
        
        manager.responseSerializer = [AFHTTPResponseSerializer serializer];
        
        manager.requestSerializer = [AFJSONRequestSerializer serializer];
        manager.responseSerializer = [AFJSONResponseSerializer serializer];
        
        [manager.requestSerializer willChangeValueForKey:@"timeoutInterval"];
        manager.requestSerializer.timeoutInterval = 10.f;
        [manager.requestSerializer didChangeValueForKey:@"timeoutInterval"];
        
        manager.responseSerializer.acceptableContentTypes = [NSSet setWithObjects:@"application/json", @"text/json", @"text/javascript",@"text/html",@"text/plain", nil];
        AFSecurityPolicy *securityPolicy = [self customSecurityPolicy];
        [manager setSecurityPolicy:securityPolicy];
        manager.securityPolicy.allowInvalidCertificates = YES;
        securityPolicy.validatesDomainName = NO;
        return  manager;
        return nil;
        
    }

+ (void)sslGet:(NSString *)url params:(NSDictionary *)params success:(void (^)(id responseObj))success failure:(void (^)(NSInteger code,NSError *error))failure{
    AFHTTPSessionManager *manager = [self sslManager];
    [manager GET:url parameters:params progress:nil success:^(NSURLSessionDataTask * _Nonnull task, id  _Nullable responseObject) {
        if (success) {
            success(responseObject);
        }

    } failure:^(NSURLSessionDataTask * _Nullable task, NSError * _Nonnull error) {
        NSHTTPURLResponse *res = (NSHTTPURLResponse *)task.response;
        if (failure) {
            failure(res.statusCode,error);
        }
    }];
    
}

+ (void)sslPost:(NSString *)url params:(NSDictionary *)params success:(void (^)(id responseObj))success failure:(void (^)(NSInteger code,NSError *error))failure{
//    NSString *baseUrl = url 
    AFHTTPSessionManager *manager = [self sslManager];
    [manager POST:url parameters:params progress:nil success:^(NSURLSessionDataTask * _Nonnull task, id  _Nullable responseObject) {
        if (success) {
            success(responseObject);
        }
    } failure:^(NSURLSessionDataTask * _Nullable task, NSError * _Nonnull error) {
        NSHTTPURLResponse *res = (NSHTTPURLResponse *)task.response;
        if (failure) {
            failure(res.statusCode,error);
        }
    }];
    
}


@end
